Описание
Security update for s390-tools
This update for s390-tools fixes the following issues:
- Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target (bsc#1183041).
- CVE-2021-25316: Do not use predictable temporary file names (bsc#1182777).
- Made the name of the temporary configuration file in /tmp/ unpredictable (bsc#1182876).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
osasnmpd-2.1.0-18.29.1
s390-tools-2.1.0-18.29.1
s390-tools-hmcdrvfs-2.1.0-18.29.1
s390-tools-zdsfs-2.1.0-18.29.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
osasnmpd-2.1.0-18.29.1
s390-tools-2.1.0-18.29.1
s390-tools-hmcdrvfs-2.1.0-18.29.1
s390-tools-zdsfs-2.1.0-18.29.1
Ссылки
- Link for SUSE-SU-2021:0776-1
- E-Mail link for SUSE-SU-2021:0776-1
- SUSE Security Ratings
- SUSE Bug 1182777
- SUSE Bug 1182876
- SUSE Bug 1183041
- SUSE CVE CVE-2021-25316 page
Описание
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterprise Server 15-SP2 s390-tools versions prior to 2.11.0-9.20.1.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:osasnmpd-2.1.0-18.29.1
SUSE Linux Enterprise Server 12 SP5:s390-tools-2.1.0-18.29.1
SUSE Linux Enterprise Server 12 SP5:s390-tools-hmcdrvfs-2.1.0-18.29.1
SUSE Linux Enterprise Server 12 SP5:s390-tools-zdsfs-2.1.0-18.29.1
Ссылки
- CVE-2021-25316
- SUSE Bug 1180877
- SUSE Bug 1182777
- SUSE Bug 1182876